2.2

As soon as the leakage came to light, a number of remedial actions were immediately taken. The IPCC Secretariat contacted major search engine companies and Internet service providers in Hong Kong and overseas to request them to remove the leaked personal data from the Internet, including their caches.  The IPCC set up a Task Force to look into the Incident and reported its initial findings to the public through a press conference on 13 March 2006.  Hotlines manned by the IPCC Secretariat and sub-committees manned by Members of the IPCC were set up to receive enquiries from the public and to meet those who expressed concern over the Incident.  The IPCC Secretariat also worked closely with the Police in its cyber patrolling service and with the Office of the Privacy Commissioner for Personal Data to thwart any abusive use of the leaked personal data.  The IPCC, through its Chairman, made unreserved public apologies on 11 March and 17 March 2006.  The IPCC also published an open apology in major local newspapers on 10 April 2006 to the persons affected by the leakage for any inconvenience caused.  On 25 April 2006 and 11 May 2006, the IPCC Secretariat also sent personal letters to complainants and complainees affected by the Incident to apologize for the inconvenience caused.
   
2.3
 On 8 April 2006, the IPCC published an open report setting out the material facts that led to the leakage, and making various recommendations on tightening up internal security measures in the handling of personal data by the IPCC Secretariat and in offering redress to the persons affected 2. The IPCC also provided the Privacy Commissioner for Personal Data (the Commissioner) with all necessary information relating to the Incident to facilitate his statutory investigation under the Ordinance. (On the Commissioner's findings, please refer to paragraph 2.9 below.) 
   
2.4
 Arising from the Incident, the IPCC sub-committees met 93 affected persons and relayed their concerns and difficulties to the Government.
   
2.5
 As at the end of December 2006, a total of 29 claims for compensation were lodged by individuals affected by the Incident, among which four were lodged via legal proceedings. A number of other requests (for example, on changing identity card numbers, and accommodation) were also received from the affected persons.  They were processed by the IPCC Secretariat in co-ordination with the relevant Government departments.
   
2
 Details of the IPCC Report on Leakage of Personal Data can be found at http://www.ipcc.gov.hk/en/pdf/Independent_Police_Complaints_Council_(IPCC)_report_On_Leakage_of_Personal_Data_(8_April_2006)_EN.pdf
Page Top
Copyright | Important notices | Privacy policy Last revision date: